Software Gets More Insecure, Not Less

Here Today, Gone TomorrowOne security problem for many businesses is the high turnover rate for chief information security officers; their average tenure at a company is just 18 months.

It's no surprise the enterprise is worried about security. For decades now, companies have been getting hit hard by cybercriminals who have tried to take them down, and it seems like there hasn't been a single time when any company was absolutely secure. Quite the contrary, every enterprise has suffered the effects of a security hack, and all of those firms have feared that their most important data would be left exposed. It's not an empty fear—as years drag on and hackers become more sophisticated, the threats companies face grow in comparison. And the chances of companies staying safe are starting to wane, according to security firm Veracode.

"Despite significant improvements in awareness of the importance of securing software, we are not seeing the dramatic decreases in exploitable coding flaws that should be expected," says Chris Eng, vice president of research at Veracode. "For each customer, development team or application that has become more secure, there are an equal number that have not."

Veracode recently conducted a study, analyzing tens of thousands of applications and code exploits to discover the level to which companies are being exploited. And not surprisingly, the company's findings provide worrisome data on the state of security, including the average tenure of chief information security officers.

Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.